 |
|
| Linux Forum Index » Linux Networking » problem with ftp and conntrack on kernel 2.6.30.5... |
|
Page 1 of 1 |
|
| Author |
Message |
| P.Kêdzierski... |
 Posted: Wed Oct 07, 2009 3:40 pm |
|
|
|
Guest
|
Hello
I have a problem to access ftp server using active mode
from my workstation through linux acting as a router.
I opened a session, first data transfer (listing of a directory)
was successful, but second (also listing of a directory)
caused ftp client to hang. It repeats every time.
This router is running kernel 2.6.30.5 with modules
nf_nat_ftp.ko and nf_conntrack_ftp.ko compiled and loaded.
Below is output of tcpdump from outer interface of router
and output of syslog of router.
IP of my workstation is 10.0.0.12.
IP of outer interface of router is 192.168.1.101.
It seems that second data transfer makes that
'--state RELATED,ESTABLISHED -j ACCEPT' rule in iptables
doesn't recognize packets of ftp control connection any more.
Conntrack 'forgets' about ftp control connection.
Could you tell me where is the problem?
Regards
Przemek
syslog
00:08:05 router01: ftp: Conntrackinfo = 2
00:08:05 router01: ftp: dataoff(64) >= skblen(64)
00:08:05 router01: ftp: dataoff(52) >= skblen(52)
00:08:05 router01: nf_conntrack_ftp: wrong seq pos (UNSET)(0) or (UNSET)(0)
00:08:05 router01: ftp: dataoff(52) >= skblen(52)
00:08:10 router01: nf_conntrack_ftp: wrong seq pos (UNSET)(0) or (UNSET)(0)
00:08:10 router01: ftp: dataoff(52) >= skblen(52)
00:08:10 router01: find_pattern `227 ': dlen = 842
00:08:10 router01: find_pattern `229 ': dlen = 842
00:08:10 router01: ftp: dataoff(52) >= skblen(52)
00:08:10 router01: find_pattern `PORT': dlen = 6
00:08:10 router01: find_pattern `EPRT': dlen = 6
00:08:10 router01: ftp: dataoff(52) >= skblen(52)
00:08:10 router01: find_pattern `227 ': dlen = 19
00:08:10 router01: find_pattern `229 ': dlen = 19
00:08:10 router01: ftp: dataoff(52) >= skblen(52)
00:08:12 router01: find_pattern `PORT': dlen = 24
00:08:12 router01: Pattern matches!
00:08:12 router01: Skipped up to ` '!
00:08:12 router01: Match succeeded!
00:08:12 router01: conntrack_ftp: match `10,0,0,12,173,109' (17 bytes at
2868095992)
00:08:12 router01: FTP_NAT: type 0, off 5 len 17
00:08:12 router01: calling nf_nat_mangle_tcp_packet
00:08:12 router01: find_pattern `227 ': dlen = 29
00:08:12 router01: find_pattern `229 ': dlen = 29
00:08:12 router01: ftp: dataoff(52) >= skblen(52)
00:08:12 router01: find_pattern `PORT': dlen = 6
00:08:12 router01: find_pattern `EPRT': dlen = 6
00:08:12 router01: ftp: dataoff(52) >= skblen(52)
00:08:12 router01: find_pattern `227 ': dlen = 30
00:08:12 router01: find_pattern `229 ': dlen = 30
00:08:12 router01: ftp: dataoff(52) >= skblen(52)
00:08:12 router01: find_pattern `227 ': dlen = 39
00:08:12 router01: find_pattern `229 ': dlen = 39
00:08:12 router01: ftp: dataoff(52) >= skblen(52)
00:08:53 router01: find_pattern `PORT': dlen = 24
00:08:53 router01: Pattern matches!
00:08:53 router01: Skipped up to ` '!
00:08:53 router01: Match succeeded!
00:08:53 router01: conntrack_ftp: match `10,0,0,12,205,106' (17 bytes at
2868096022)
00:08:53 router01: FTP_NAT: type 0, off 5 len 17
00:08:53 router01: calling nf_nat_mangle_tcp_packet
00:08:53 router01: find_pattern `227 ': dlen = 29
00:08:53 router01: find_pattern `229 ': dlen = 29
00:08:53 router01: ftp: dataoff(52) >= skblen(52)
00:08:53 router01: find_pattern `PORT': dlen = 6
00:08:53 router01: find_pattern `EPRT': dlen = 6
00:08:53 router01: IPTABLES IN=eth2 OUT=
MAC=00:a0:24:c1:3d:28:00:1e:e5:db:91:4a:08:00 SRC=153.19.251.221
DST=192.168.1.101 LEN=82 TOS=0x00 PREC=0x00 TTL=60 ID=7893 DF PROTO=TCP
SPT=21 DPT=44353 WINDOW=49232 RES=0x00 ACK PSH URGP=0
00:08:53 router01: find_pattern `PORT': dlen = 6
00:08:53 router01: find_pattern `EPRT': dlen = 6
00:08:53 router01: IPTABLES IN=eth2 OUT=
MAC=00:a0:24:c1:3d:28:00:1e:e5:db:91:4a:08:00 SRC=153.19.251.221
DST=192.168.1.101 LEN=52 TOS=0x00 PREC=0x00 TTL=60 ID=7896 DF PROTO=TCP
SPT=21 DPT=44353 WINDOW=49232 RES=0x00 ACK URGP=0
00:08:53 router01: find_pattern `PORT': dlen = 6
00:08:53 router01: find_pattern `EPRT': dlen = 6
00:08:53 router01: IPTABLES IN=eth2 OUT=
MAC=00:a0:24:c1:3d:28:00:1e:e5:db:91:4a:08:00 SRC=153.19.251.221
DST=192.168.1.101 LEN=52 TOS=0x00 PREC=0x00 TTL=60 ID=7897 DF PROTO=TCP
SPT=21 DPT=44353 WINDOW=49232 RES=0x00 ACK URGP=0
00:08:54 router01: find_pattern `PORT': dlen = 6
00:08:54 router01: find_pattern `EPRT': dlen = 6
00:08:54 router01: IPTABLES IN=eth2 OUT=
MAC=00:a0:24:c1:3d:28:00:1e:e5:db:91:4a:08:00 SRC=153.19.251.221
DST=192.168.1.101 LEN=52 TOS=0x00 PREC=0x00 TTL=60 ID=7898 DF PROTO=TCP
SPT=21 DPT=44353 WINDOW=49232 RES=0x00 ACK URGP=0
00:08:56 router01: find_pattern `PORT': dlen = 6
00:08:56 router01: find_pattern `EPRT': dlen = 6
00:08:56 router01: IPTABLES IN=eth2 OUT=
MAC=00:a0:24:c1:3d:28:00:1e:e5:db:91:4a:08:00 SRC=153.19.251.221
DST=192.168.1.101 LEN=52 TOS=0x00 PREC=0x00 TTL=60 ID=7899 DF PROTO=TCP
SPT=21 DPT=44353 WINDOW=49232 RES=0x00 ACK URGP=0
00:08:57 router01: IPTABLES IN=eth2 OUT=
MAC=00:a0:24:c1:3d:28:00:1e:e5:db:91:4a:08:00 SRC=153.19.251.221
DST=192.168.1.101 LEN=82 TOS=0x00 PREC=0x00 TTL=60 ID=7900 DF PROTO=TCP
SPT=21 DPT=44353 WINDOW=49232 RES=0x00 ACK URGP=0
00:08:58 router01: ftp: dataoff(52) >= skblen(52)
00:08:58 router01: IPTABLES IN=eth2 OUT=
MAC=00:a0:24:c1:3d:28:00:1e:e5:db:91:4a:08:00 SRC=153.19.251.221
DST=192.168.1.101 LEN=52 TOS=0x00 PREC=0x00 TTL=60 ID=7901 DF PROTO=TCP
SPT=21 DPT=44353 WINDOW=49232 RES=0x00 ACK URGP=0
00:08:58 router01: IPTABLES IN=eth2 OUT=
MAC=00:a0:24:c1:3d:28:00:1e:e5:db:91:4a:08:00 SRC=153.19.251.221
DST=192.168.1.101 LEN=104 TOS=0x00 PREC=0x00 TTL=60 ID=7902 DF PROTO=TCP
SPT=21 DPT=44353 WINDOW=49232 RES=0x00 ACK PSH FIN URGP=0
00:09:00 router01: find_pattern `PORT': dlen = 6
00:09:00 router01: find_pattern `EPRT': dlen = 6
00:09:00 router01: IPTABLES IN=eth2 OUT=
MAC=00:a0:24:c1:3d:28:00:1e:e5:db:91:4a:08:00 SRC=153.19.251.221
DST=192.168.1.101 LEN=52 TOS=0x00 PREC=0x00 TTL=60 ID=7903 DF PROTO=TCP
SPT=21 DPT=44353 WINDOW=49232 RES=0x00 ACK URGP=0
00:09:04 router01: device eth2 left promiscuous mode
00:09:05 router01: IPTABLES IN=eth2 OUT=
MAC=00:a0:24:c1:3d:28:00:1e:e5:db:91:4a:08:00 SRC=153.19.251.221
DST=192.168.1.101 LEN=134 TOS=0x00 PREC=0x00 TTL=60 ID=7904 DF PROTO=TCP
SPT=21 DPT=44353 WINDOW=49232 RES=0x00 ACK PSH FIN URGP=0
00:09:08 router01: find_pattern `PORT': dlen = 6
00:09:08 router01: find_pattern `EPRT': dlen = 6
00:09:08 router01: IPTABLES IN=eth2 OUT=
MAC=00:a0:24:c1:3d:28:00:1e:e5:db:91:4a:08:00 SRC=153.19.251.221
DST=192.168.1.101 LEN=52 TOS=0x00 PREC=0x00 TTL=60 ID=7905 DF PROTO=TCP
SPT=21 DPT=44353 WINDOW=49232 RES=0x00 ACK URGP=0
tcpdump -i eth2 -s 1500 -X -v host ftp.pl.debian.org
00:08:05.150504 IP (tos 0x0, ttl 64, id 6745, offset 0, flags [DF],
proto: TCP (6), length: 60) router01.44353 > ftp.pl.debian.org.ftp: S,
cksum 0x2480 (correct), 2868095964:2868095964(0) win 5840 <mss
1460,sackOK,timestamp 438661 0,nop,wscale 6>
0x0000: E..<.Y at (no spam) . at (no spam) ..d...e
0x0010: .....A..........
0x0020: ....$...........
0x0030: ............
00:08:05.189274 IP (tos 0x0, ttl 59, id 7875, offset 0, flags [DF],
proto: TCP (6), length: 64) ftp.pl.debian.org.ftp > router01.44353: S,
cksum 0x2034 (correct), 3732384717:3732384717(0) ack 2868095965 win
49232 <nop,nop,timestamp 2714180781 438661,mss 1460,nop,wscale
0,nop,nop,sackOK>
0x0000: E.. at (no spam) .. at (no spam) .;.......
0x0010: ...e...A.w......
0x0020: ...P.4..........
0x0030: ................
00:08:05.189815 IP (tos 0x0, ttl 64, id 6746, offset 0, flags [DF],
proto: TCP (6), length: 52) router01.44353 > ftp.pl.debian.org.ftp: .,
cksum 0x20f0 (correct), ack 1 win 92 <nop,nop,timestamp 438665 2714180781>
0x0000: E..4.Z at (no spam) . at (no spam) ..k...e
0x0010: .....A.......w..
0x0020: ...\............
0x0030: ....
00:08:05.233414 IP (tos 0x0, ttl 59, id 7876, offset 0, flags [DF],
proto: TCP (6), length: 115) ftp.pl.debian.org.ftp > router01.44353: P,
cksum 0x3c9c (correct), 1:64(63) ack 1 win 49232 <nop,nop,timestamp
2714180785 438665>
0x0000: E..s.. at (no spam) .;.......
0x0010: ...e...A.w......
0x0020: ...P<...........
0x0030: ....220-FTP.serv
0x0040: er.ready...220.O
0x0050: nly.anonymous.FT
0x0060: P.is.allowed.her
0x0070: e..
00:08:05.233847 IP (tos 0x10, ttl 64, id 6747, offset 0, flags [DF],
proto: TCP (6), length: 52) router01.44353 > ftp.pl.debian.org.ftp: .,
cksum 0x20a9 (correct), ack 64 win 92 <nop,nop,timestamp 438669 2714180785>
0x0000: E..4.[ at (no spam) . at (no spam) ..Z...e
0x0010: .....A.......w..
0x0020: ...\............
0x0030: ....
00:08:10.220409 IP (tos 0x10, ttl 64, id 6748, offset 0, flags [DF],
proto: TCP (6), length: 6 router01.44353 > ftp.pl.debian.org.ftp: P,
cksum 0x96c1 (correct), 1:17(16) ack 64 win 92 <nop,nop,timestamp 439168
2714180785>
0x0000: E..D.\ at (no spam) . at (no spam) ..I...e
0x0010: .....A.......w..
0x0020: ...\............
0x0030: ....USER.anonymo
0x0040: us..
00:08:10.259077 IP (tos 0x0, ttl 59, id 7877, offset 0, flags [DF],
proto: TCP (6), length: 52) ftp.pl.debian.org.ftp > router01.44353: .,
cksum 0x5cba (correct), ack 17 win 49232 <nop,nop,timestamp 2714181288
439168>
0x0000: E..4.. at (no spam) .;.......
0x0010: ...e...A.w......
0x0020: ...P\...........
0x0030: ....
00:08:10.269086 IP (tos 0x0, ttl 59, id 7878, offset 0, flags [DF],
proto: TCP (6), length: 894) ftp.pl.debian.org.ftp > router01.44353: P,
cksum 0xf1fd (correct), 64:906(842) ack 17 win 49232 <nop,nop,timestamp
2714181288 439168>
0x0000: E..~.. at (no spam) .;.......
0x0010: ...e...A.w......
0x0020: ...P............
0x0030: ....230-..230-..
0x0040: ....._/_/_/.....
0x0050: ._/......._/_/_/
0x0060: _/_/_/.._//.....
0x0070: ..._/_/_/....._/
0x0080: ..._/..230-...._
0x0090: /......_/...._/.
0x00a0: ..........._/...
0x00b0: ...._/_/....._/.
0x00c0: ....._/..._/.._/
0x00d0: ..230-..._/.....
0x00e0: ......._/.......
0x00f0: ....._/......._/
0x0100: ._/...._/.......
0x0110: ...._/._/..230-.
0x0120: ._/............_
0x0130: /............_/.
0x0140: ......_/.._/....
0x0150: ._/_/_/....._/_/
0x0160: ..230-._/.......
0x0170: ....._/.........
0x0180: ..._/......._/..
0x0190: ._/.........._/.
0x01a0: .._/.._/..230-._
0x01b0: /......_/..._/..
0x01c0: .........._/....
0x01d0: ..._/_/_/_/.._/.
0x01e0: ...._/..._/...._
0x01f0: /..230-.._/_/_/.
0x0200: ...._/..........
0x0210: .._/......._/...
0x0220: .._/..._/_/_/...
0x0230: ._/......_/..230
0x0240: -..230-..230-Thi
0x0250: s.machine.is.loc
0x0260: ated.at.the.Comp
0x0270: uter.Center.in.G
0x0280: dansk.(Poland)..
0x0290: .230-..230-All.t
0x02a0: ransfers.are.log
0x02b0: ged.with.your.ho
0x02c0: st.name.and.emai
0x02d0: l.address...230-
0x02e0: If.you.don't.lik
0x02f0: e.this.policy,.d
0x0300: isconnect.now!..
0x0310: 230-..230-Please
0x0320: .email.suggestio
0x0330: ns.and.questions
0x0340: .to.ftpadmin at (no spam) tas
0x0350: k.gda.pl..230-..
0x0360: 230.Anonymous.us
0x0370: er.logged.in..
00:08:10.269642 IP (tos 0x10, ttl 64, id 6749, offset 0, flags [DF],
proto: TCP (6), length: 52) router01.44353 > ftp.pl.debian.org.ftp: .,
cksum 0x1946 (correct), ack 906 win 118 <nop,nop,timestamp 439173
2714181288>
0x0000: E..4.] at (no spam) . at (no spam) ..X...e
0x0010: .....A.......w.W
0x0020: ...v.F..........
0x0030: ....
00:08:10.271824 IP (tos 0x10, ttl 64, id 6750, offset 0, flags [DF],
proto: TCP (6), length: 5 router01.44353 > ftp.pl.debian.org.ftp: P,
cksum 0x6580 (correct), 17:23(6) ack 906 win 118 <nop,nop,timestamp
439173 2714181288>
0x0000: E..:.^ at (no spam) . at (no spam) ..Q...e
0x0010: .....A.......w.W
0x0020: ...ve...........
0x0030: ....SYST..
00:08:10.310036 IP (tos 0x0, ttl 59, id 7879, offset 0, flags [DF],
proto: TCP (6), length: 52) ftp.pl.debian.org.ftp > router01.44353: .,
cksum 0x5960 (correct), ack 23 win 49232 <nop,nop,timestamp 2714181293
439173>
0x0000: E..4.. at (no spam) .;.......
0x0010: ...e...A.w.W....
0x0020: ...PY`..........
0x0030: ....
00:08:10.310751 IP (tos 0x0, ttl 59, id 7880, offset 0, flags [DF],
proto: TCP (6), length: 71) ftp.pl.debian.org.ftp > router01.44353: P,
cksum 0xf1f4 (correct), 906:925(19) ack 23 win 49232 <nop,nop,timestamp
2714181293 439173>
0x0000: E..G.. at (no spam) .;.......
0x0010: ...e...A.w.W....
0x0020: ...P............
0x0030: ....215.UNIX.Typ
0x0040: e:.L8..
00:08:10.347687 IP (tos 0x10, ttl 64, id 6751, offset 0, flags [DF],
proto: TCP (6), length: 52) router01.44353 > ftp.pl.debian.org.ftp: .,
cksum 0x1920 (correct), ack 925 win 118 <nop,nop,timestamp 439181
2714181293>
0x0000: E..4._ at (no spam) . at (no spam) ..V...e
0x0010: .....A.......w.j
0x0020: ...v............
0x0030: ....
00:08:12.024720 IP (tos 0x10, ttl 64, id 6752, offset 0, flags [DF],
proto: TCP (6), length: 80) router01.44353 > ftp.pl.debian.org.ftp: P,
cksum 0x6478 (correct), 23:51(2 ack 925 win 118 <nop,nop,timestamp
439348 2714181293>
0x0000: E..P.` at (no spam) . at (no spam) ..9...e
0x0010: .....A.......w.j
0x0020: ...vdx.........4
0x0030: ....PORT.192,168
0x0040: ,1,101,173,109..
00:08:12.068469 IP (tos 0x0, ttl 59, id 7881, offset 0, flags [DF],
proto: TCP (6), length: 81) ftp.pl.debian.org.ftp > router01.44353: P,
cksum 0x9df0 (correct), 925:954(29) ack 51 win 49232 <nop,nop,timestamp
2714181469 439348>
0x0000: E..Q.. at (no spam) .;.......
0x0010: ...e...A.w.j....
0x0020: ...P...........]
0x0030: ...4200.PORT.com
0x0040: mand.successful.
0x0050: .
00:08:12.069074 IP (tos 0x10, ttl 64, id 6753, offset 0, flags [DF],
proto: TCP (6), length: 52) router01.44353 > ftp.pl.debian.org.ftp: .,
cksum 0x178b (correct), ack 954 win 118 <nop,nop,timestamp 439353
2714181469>
0x0000: E..4.a at (no spam) . at (no spam) ..T...e
0x0010: .....A.......w..
0x0020: ...v...........9
0x0030: ...]
00:08:12.069259 IP (tos 0x10, ttl 64, id 6754, offset 0, flags [DF],
proto: TCP (6), length: 5 router01.44353 > ftp.pl.debian.org.ftp: P,
cksum 0x6ad5 (correct), 51:57(6) ack 954 win 118 <nop,nop,timestamp
439353 2714181469>
0x0000: E..:.b at (no spam) . at (no spam) ..M...e
0x0010: .....A.......w..
0x0020: ...vj..........9
0x0030: ...]LIST..
00:08:12.112994 IP (tos 0x0, ttl 59, id 7882, offset 0, flags [DF],
proto: TCP (6), length: 52) ftp.pl.debian.org.ftp-data > router01.44397:
S, cksum 0x3da5 (correct), 3740175387:3740175387(0) win 49640 <mss
1460,nop,wscale 0,nop,nop,sackOK>
0x0000: E..4.. at (no spam) .;.......
0x0010: ...e...m........
0x0020: ....=...........
0x0030: ....
00:08:12.113378 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto:
TCP (6), length: 52) router01.44397 > ftp.pl.debian.org.ftp-data: S,
cksum 0xdbe3 (correct), 2976930642:2976930642(0) ack 3740175388 win 5840
<mss 1460,nop,nop,sackOK,nop,wscale 6>
0x0000: E..4.. at (no spam) . at (no spam) ......e
0x0010: .....m...p[R....
0x0020: ................
0x0030: ....
00:08:12.115444 IP (tos 0x0, ttl 59, id 7883, offset 0, flags [DF],
proto: TCP (6), length: 52) ftp.pl.debian.org.ftp > router01.44353: .,
cksum 0x57a5 (correct), ack 57 win 49232 <nop,nop,timestamp 2714181474
439353>
0x0000: E..4.. at (no spam) .;.......
0x0010: ...e...A.w......
0x0020: ...PW..........b
0x0030: ...9
00:08:12.151378 IP (tos 0x0, ttl 59, id 7884, offset 0, flags [DF],
proto: TCP (6), length: 40) ftp.pl.debian.org.ftp-data > router01.44397:
.., cksum 0x719c (correct), ack 1 win 49640
0x0000: E..(.. at (no spam) .;.......
0x0010: ...e...m.....p[S
0x0020: P...q.........
00:08:12.152894 IP (tos 0x0, ttl 59, id 7885, offset 0, flags [DF],
proto: TCP (6), length: 82) ftp.pl.debian.org.ftp > router01.44353: P,
cksum 0xeef3 (correct), 954:984(30) ack 57 win 49232 <nop,nop,timestamp
2714181477 439353>
0x0000: E..R.. at (no spam) .;.......
0x0010: ...e...A.w......
0x0020: ...P...........e
0x0030: ...9150.Connecti
0x0040: ng.to.port.44397
0x0050: ..
00:08:12.156137 IP (tos 0x0, ttl 59, id 7886, offset 0, flags [DF],
proto: TCP (6), length: 355) ftp.pl.debian.org.ftp-data >
router01.44397: P, cksum 0x0c5a (correct), 1:316(315) ack 1 win 64240
0x0000: E..c.. at (no spam) .;.......
0x0010: ...e...m.....p[S
0x0020: P....Z..lrwxrwxr
0x0030: wx....1.103.....
0x0040: .103............
0x0050: 10.Nov.20..2008.
0x0060: debian.->.pub/de
0x0070: bian..lrwxrwxrwx
0x0080: ....1.103......1
0x0090: 03............13
0x00a0: .Nov.20..2008.de
0x00b0: bian-cd.->.pub/d
0x00c0: ebian-cd..lrwxrw
0x00d0: xrwx....1.103...
0x00e0: ...103..........
0x00f0: ..17.Nov.20..200
0x0100: 8.debian-non-US.
0x0110: ->.pub/debian-no
0x0120: n-US..drwxr-xr-x
0x0130: ....5.103......1
0x0140: 03.............7
0x0150: .Oct.14..2005.pu
0x0160: b..
00:08:12.156302 IP (tos 0x0, ttl 59, id 7887, offset 0, flags [DF],
proto: TCP (6), length: 40) ftp.pl.debian.org.ftp-data > router01.44397:
F, cksum 0x3758 (correct), 316:316(0) ack 1 win 64240
0x0000: E..(.. at (no spam) .;.......
0x0010: ...e...m...W.p[S
0x0020: P...7X........
00:08:12.156600 IP (tos 0x8, ttl 64, id 61202, offset 0, flags [DF],
proto: TCP (6), length: 40) router01.44397 > ftp.pl.debian.org.ftp-data:
.., cksum 0x31de (correct), ack 316 win 108
0x0000: E..(.. at (no spam) . at (no spam) ......e
0x0010: .....m...p[S...W
0x0020: P..l1...
00:08:12.157078 IP (tos 0x8, ttl 64, id 61203, offset 0, flags [DF],
proto: TCP (6), length: 40) router01.44397 > ftp.pl.debian.org.ftp-data:
F, cksum 0x31dc (correct), 1:1(0) ack 317 win 108
0x0000: E..(.. at (no spam) . at (no spam) ......e
0x0010: .....m...p[S...X
0x0020: P..l1...
00:08:12.187610 IP (tos 0x10, ttl 64, id 6755, offset 0, flags [DF],
proto: TCP (6), length: 52) router01.44353 > ftp.pl.debian.org.ftp: .,
cksum 0x1753 (correct), ack 984 win 118 <nop,nop,timestamp 439365
2714181477>
0x0000: E..4.c at (no spam) . at (no spam) ..R...e
0x0010: .....A.......w..
0x0020: ...v.S.........E
0x0030: ...e
00:08:12.198222 IP (tos 0x0, ttl 59, id 7888, offset 0, flags [DF],
proto: TCP (6), length: 40) ftp.pl.debian.org.ftp-data > router01.44397:
.., cksum 0x3757 (correct), ack 2 win 64240
0x0000: E..(.. at (no spam) .;.......
0x0010: ...e...m...X.p[T
0x0020: P...7W........
00:08:12.226085 IP (tos 0x0, ttl 59, id 7889, offset 0, flags [DF],
proto: TCP (6), length: 91) ftp.pl.debian.org.ftp > router01.44353: P,
cksum 0xf66b (correct), 984:1023(39) ack 57 win 49232 <nop,nop,timestamp
2714181485 439365>
0x0000: E..[.. at (no spam) .;.......
0x0010: ...e...A.w......
0x0020: ...P.k.........m
0x0030: ...E226-Options:
0x0040: .-l...226.4.matc
0x0050: hes.total..
00:08:12.226440 IP (tos 0x10, ttl 64, id 6756, offset 0, flags [DF],
proto: TCP (6), length: 52) router01.44353 > ftp.pl.debian.org.ftp: .,
cksum 0x1720 (correct), ack 1023 win 118 <nop,nop,timestamp 439369
2714181485>
0x0000: E..4.d at (no spam) . at (no spam) ..Q...e
0x0010: .....A.......w..
0x0020: ...v...........I
0x0030: ...m
00:08:53.039268 IP (tos 0x10, ttl 64, id 6757, offset 0, flags [DF],
proto: TCP (6), length: 80) router01.44353 > ftp.pl.debian.org.ftp: P,
cksum 0x5a2e (correct), 57:85(2 ack 1023 win 118 <nop,nop,timestamp
443450 2714181485>
0x0000: E..P.e at (no spam) . at (no spam) ..4...e
0x0010: .....A.......w..
0x0020: ...vZ..........:
0x0030: ...mPORT.192,168
0x0040: ,1,101,205,106..
00:08:53.078691 IP (tos 0x0, ttl 59, id 7890, offset 0, flags [DF],
proto: TCP (6), length: 81) ftp.pl.debian.org.ftp > router01.44353: P,
cksum 0x7d61 (correct), 1023:1052(29) ack 85 win 49232
<nop,nop,timestamp 2714185570 443450>
0x0000: E..Q.. at (no spam) .;.......
0x0010: ...e...A.w.....1
0x0020: ...P}a......../b
0x0030: ...:200.PORT.com
0x0040: mand.successful.
0x0050: .
00:08:53.079299 IP (tos 0x10, ttl 64, id 6758, offset 0, flags [DF],
proto: TCP (6), length: 52) router01.44353 > ftp.pl.debian.org.ftp: .,
cksum 0xf6fc (correct), ack 1052 win 118 <nop,nop,timestamp 443454
2714185570>
0x0000: E..4.f at (no spam) . at (no spam) ..O...e
0x0010: .....A.....1.w..
0x0020: ...v...........>
0x0030: ../b
00:08:53.079484 IP (tos 0x10, ttl 64, id 6759, offset 0, flags [DF],
proto: TCP (6), length: 5 router01.44353 > ftp.pl.debian.org.ftp: P,
cksum 0x4a47 (correct), 85:91(6) ack 1052 win 118 <nop,nop,timestamp
443454 2714185570>
0x0000: E..:.g at (no spam) . at (no spam) ..H...e
0x0010: .....A.....1.w..
0x0020: ...vJG.........>
0x0030: ../bLIST..
00:08:53.121497 IP (tos 0x0, ttl 59, id 7891, offset 0, flags [DF],
proto: TCP (6), length: 52) ftp.pl.debian.org.ftp-data > router01.52586:
S, cksum 0x524d (correct), 3772601735:3772601735(0) win 49640 <mss
1460,nop,wscale 0,nop,nop,sackOK>
0x0000: E..4.. at (no spam) .;.......
0x0010: ...e...j..U.....
0x0020: ....RM..........
0x0030: ....
00:08:53.121922 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto:
TCP (6), length: 52) router01.52586 > ftp.pl.debian.org.ftp-data: S,
cksum 0xa186 (correct), 3619718151:3619718151(0) ack 3772601736 win 5840
<mss 1460,nop,nop,sackOK,nop,wscale 6>
0x0000: E..4.. at (no spam) . at (no spam) ......e
0x0010: .....j........U.
0x0020: ................
0x0030: ....
00:08:53.160428 IP (tos 0x0, ttl 59, id 7892, offset 0, flags [DF],
proto: TCP (6), length: 40) ftp.pl.debian.org.ftp-data > router01.52586:
.., cksum 0x373f (correct), ack 1 win 49640
0x0000: E..(.. at (no spam) .;.......
0x0010: ...e...j..U.....
0x0020: P...7?........
00:08:53.162140 IP (tos 0x0, ttl 59, id 7893, offset 0, flags [DF],
proto: TCP (6), length: 82) ftp.pl.debian.org.ftp > router01.44353: P,
cksum 0xd162 (correct), 1052:1082(30) ack 91 win 49232
<nop,nop,timestamp 2714185579 443454>
0x0000: E..R.. at (no spam) .;.......
0x0010: ...e...A.w.....7
0x0020: ...P.b......../k
0x0030: ...>150.Connecti
0x0040: ng.to.port.52586
0x0050: ..
00:08:53.165385 IP (tos 0x0, ttl 59, id 7894, offset 0, flags [DF],
proto: TCP (6), length: 355) ftp.pl.debian.org.ftp-data >
router01.52586: P, cksum 0xd1fc (correct), 1:316(315) ack 1 win 64240
0x0000: E..c.. at (no spam) .;.......
0x0010: ...e...j..U.....
0x0020: P.......lrwxrwxr
0x0030: wx....1.103.....
0x0040: .103............
0x0050: 10.Nov.20..2008.
0x0060: debian.->.pub/de
0x0070: bian..lrwxrwxrwx
0x0080: ....1.103......1
0x0090: 03............13
0x00a0: .Nov.20..2008.de
0x00b0: bian-cd.->.pub/d
0x00c0: ebian-cd..lrwxrw
0x00d0: xrwx....1.103...
0x00e0: ...103..........
0x00f0: ..17.Nov.20..200
0x0100: 8.debian-non-US.
0x0110: ->.pub/debian-no
0x0120: n-US..drwxr-xr-x
0x0130: ....5.103......1
0x0140: 03.............7
0x0150: .Oct.14..2005.pu
0x0160: b..
00:08:53.165564 IP (tos 0x0, ttl 59, id 7895, offset 0, flags [DF],
proto: TCP (6), length: 40) ftp.pl.debian.org.ftp-data > router01.52586:
F, cksum 0xfcfa (correct), 316:316(0) ack 1 win 64240
0x0000: E..(.. at (no spam) .;.......
0x0010: ...e...j..V.....
0x0020: P.............
00:08:53.165773 IP (tos 0x0, ttl 64, id 16462, offset 0, flags [DF],
proto: TCP (6), length: 40) router01.52586 > ftp.pl.debian.org.ftp-data:
.., cksum 0xf780 (correct), ack 316 win 108
0x0000: E..( at (no spam) N at (no spam) . at (no spam) ......e
0x0010: .....j........V.
0x0020: P..l....
00:08:53.205762 IP (tos 0x0, ttl 64, id 16463, offset 0, flags [DF],
proto: TCP (6), length: 40) router01.52586 > ftp.pl.debian.org.ftp-data:
.., cksum 0xf77f (correct), ack 317 win 108
0x0000: E..( at (no spam) O at (no spam) . at (no spam) ......e
0x0010: .....j........V.
0x0020: P..l....
00:08:53.315785 IP (tos 0x10, ttl 64, id 6760, offset 0, flags [DF],
proto: TCP (6), length: 5 router01.44353 > ftp.pl.debian.org.ftp: P,
cksum 0x4a2f (correct), 85:91(6) ack 1052 win 118 <nop,nop,timestamp
443478 2714185570>
0x0000: E..:.h at (no spam) . at (no spam) ..G...e
0x0010: .....A.....1.w..
0x0020: ...vJ/.........V
0x0030: ../bLIST..
00:08:53.356285 IP (tos 0x0, ttl 59, id 7896, offset 0, flags [DF],
proto: TCP (6), length: 52) ftp.pl.debian.org.ftp > router01.44353: .,
cksum 0x36e2 (correct), ack 91 win 49232 <nop,nop,timestamp 2714185598
443454>
0x0000: E..4.. at (no spam) .;.......
0x0010: ...e...A.w.....7
0x0020: ...P6........./~
0x0030: ...>
00:08:53.795796 IP (tos 0x10, ttl 64, id 6761, offset 0, flags [DF],
proto: TCP (6), length: 5 router01.44353 > ftp.pl.debian.org.ftp: P,
cksum 0x49ff (correct), 85:91(6) ack 1052 win 118 <nop,nop,timestamp
443526 2714185570>
0x0000: E..:.i at (no spam) . at (no spam) ..F...e
0x0010: .....A.....1.w..
0x0020: ...vI...........
0x0030: ../bLIST..
00:08:53.833514 IP (tos 0x0, ttl 59, id 7897, offset 0, flags [DF],
proto: TCP (6), length: 52) ftp.pl.debian.org.ftp > router01.44353: .,
cksum 0x36b2 (correct), ack 91 win 49232 <nop,nop,timestamp 2714185646
443454>
0x0000: E..4.. at (no spam) .;.......
0x0010: ...e...A.w.....7
0x0020: ...P6........./.
0x0030: ...>
00:08:54.756016 IP (tos 0x10, ttl 64, id 6762, offset 0, flags [DF],
proto: TCP (6), length: 5 router01.44353 > ftp.pl.debian.org.ftp: P,
cksum 0x499f (correct), 85:91(6) ack 1052 win 118 <nop,nop,timestamp
443622 2714185570>
0x0000: E..:.j at (no spam) . at (no spam) ..E...e
0x0010: .....A.....1.w..
0x0020: ...vI...........
0x0030: ../bLIST..
00:08:54.794111 IP (tos 0x0, ttl 59, id 7898, offset 0, flags [DF],
proto: TCP (6), length: 52) ftp.pl.debian.org.ftp > router01.44353: .,
cksum 0x3652 (correct), ack 91 win 49232 <nop,nop,timestamp 2714185742
443454>
0x0000: E..4.. at (no spam) .;.......
0x0010: ...e...A.w.....7
0x0020: ...P6R........0.
0x0030: ...>
00:08:56.675938 IP (tos 0x10, ttl 64, id 6763, offset 0, flags [DF],
proto: TCP (6), length: 5 router01.44353 > ftp.pl.debian.org.ftp: P,
cksum 0x48df (correct), 85:91(6) ack 1052 win 118 <nop,nop,timestamp
443814 2714185570>
0x0000: E..:.k at (no spam) . at (no spam) ..D...e
0x0010: .....A.....1.w..
0x0020: ...vH...........
0x0030: ../bLIST..
00:08:56.713847 IP (tos 0x0, ttl 59, id 7899, offset 0, flags [DF],
proto: TCP (6), length: 52) ftp.pl.debian.org.ftp > router01.44353: .,
cksum 0x3592 (correct), ack 91 win 49232 <nop,nop,timestamp 2714185934
443454>
0x0000: E..4.. at (no spam) .;.......
0x0010: ...e...A.w.....7
0x0020: ...P5.........0.
0x0030: ...>
00:08:57.139625 IP (tos 0x0, ttl 59, id 7900, offset 0, flags [DF],
proto: TCP (6), length: 82) ftp.pl.debian.org.ftp > router01.44353: .,
cksum 0xcfdc (correct), 1052:1082(30) ack 91 win 49232
<nop,nop,timestamp 2714185977 443454>
0x0000: E..R.. at (no spam) .;.......
0x0010: ...e...A.w.....7
0x0020: ...P..........0.
0x0030: ...>150.Connecti
0x0040: ng.to.port.52586
0x0050: ..
00:08:58.808237 IP (tos 0x10, ttl 64, id 6764, offset 0, flags [DF],
proto: TCP (6), length: 52) router01.44353 > ftp.pl.debian.org.ftp: F,
cksum 0xf4b8 (correct), 91:91(0) ack 1052 win 118 <nop,nop,timestamp
444027 2714185570>
0x0000: E..4.l at (no spam) . at (no spam) ..I...e
0x0010: .....A.....7.w..
0x0020: ...v...........{
0x0030: ../b
00:08:58.808434 IP (tos 0x0, ttl 64, id 16464, offset 0, flags [DF],
proto: TCP (6), length: 40) router01.52586 > ftp.pl.debian.org.ftp-data:
R, cksum 0xf77b (correct), 1:1(0) ack 317 win 108
0x0000: E..( at (no spam) P at (no spam) . at (no spam) ......e
0x0010: .....j........V.
0x0020: P..l.{..
00:08:58.844927 IP (tos 0x0, ttl 59, id 7901, offset 0, flags [DF],
proto: TCP (6), length: 52) ftp.pl.debian.org.ftp > router01.44353: .,
cksum 0x327f (correct), ack 92 win 49232 <nop,nop,timestamp 2714186147
444027>
0x0000: E..4.. at (no spam) .;.......
0x0010: ...e...A.w.....8
0x0020: ...P2.........1.
0x0030: ...{
00:08:58.847129 IP (tos 0x0, ttl 59, id 7902, offset 0, flags [DF],
proto: TCP (6), length: 104) ftp.pl.debian.org.ftp > router01.44353: FP,
cksum 0x1ea3 (correct), 1082:1134(52) ack 92 win 49232
<nop,nop,timestamp 2714186147 444027>
0x0000: E..h.. at (no spam) .;.......
0x0010: ...e...A.w.....8
0x0020: ...P..........1.
0x0030: ...{226-Options:
0x0040: .-l...226.4.matc
0x0050: hes.total..226.L
0x0060: ogout...
00:09:00.515773 IP (tos 0x10, ttl 64, id 6765, offset 0, flags [DF],
proto: TCP (6), length: 5 router01.44353 > ftp.pl.debian.org.ftp: P,
cksum 0x475f (correct), 85:91(6) ack 1052 win 118 <nop,nop,timestamp
444198 2714185570>
0x0000: E..:.m at (no spam) . at (no spam) ..B...e
0x0010: .....A.....1.w..
0x0020: ...vG_.........&
0x0030: ../bLIST..
00:09:00.553554 IP (tos 0x0, ttl 59, id 7903, offset 0, flags [DF],
proto: TCP (6), length: 52) ftp.pl.debian.org.ftp > router01.44353: .,
cksum 0x319f (correct), ack 92 win 49232 <nop,nop,timestamp 2714186318
444027>
0x0000: E..4.. at (no spam) .;.......
0x0010: ...e...A.w.<...8
0x0020: ...P1.........2N
0x0030: ...{ |
|
|
| Back to top |
|
|
|
| Pascal Hambourg... |
| Posted: Thu Oct 08, 2009 4:21 am |
|
|
|
Guest
|
Hello,
P.Kedzierski a écrit :
Quote:
I have a problem to access ftp server using active mode
from my workstation through linux acting as a router.
I opened a session, first data transfer (listing of a directory)
was successful, but second (also listing of a directory)
caused ftp client to hang. It repeats every time.
This router is running kernel 2.6.30.5 with modules
nf_nat_ftp.ko and nf_conntrack_ftp.ko compiled and loaded.
[...]
It seems that second data transfer makes that
'--state RELATED,ESTABLISHED -j ACCEPT' rule in iptables
doesn't recognize packets of ftp control connection any more.
Conntrack 'forgets' about ftp control connection.
Could you tell me where is the problem?
Your problem may be related to the following thread in the
netfilter-devel mailing list :
Message-ID: <alpine.DEB.2.00.0909102134290.12124 at (no spam) blackhole.kfki.hu>
Archive: <http://www.spinics.net/lists/netfilter-devel/msg10480.html>
The patch has been added to the nf-2.6 git repository, but AFAICS I have
not seen it merged into any Linux stable or -rc release yet. |
|
|
| Back to top |
|
|
|
| P.Kędzierski... |
| Posted: Thu Oct 08, 2009 3:05 pm |
|
|
|
Guest
|
Pascal Hambourg wrote:
Quote: Your problem may be related to the following thread in the
netfilter-devel mailing list :
Message-ID: <alpine.DEB.2.00.0909102134290.12124 at (no spam) blackhole.kfki.hu
Archive: <http://www.spinics.net/lists/netfilter-devel/msg10480.html
Thank you.
P. |
|
|
| Back to top |
|
|
|
|
|
All times are GMT - 5 Hours
The time now is Mon Nov 30, 2009 1:52 pm
|
|